I cannot get the login to work right, everytime i change anything little thing it stops working all together which is unacceptable. So far i have the login reading from the admin table i created, this is good but the issue is my passwords are not being read as case sensitive even though they are displaying on the table as case sensitive i.e. table password = "Admin" but can login using "admin" my username doesnt matter much so that im not worried about. Also one last note i understand that you should never store passwords as plain text but it doesnt matter in the application im working on so im not worried about it, but this functionaility is crucial and i need it. here is my code:
this is the login.php
<?php
session_start();
$con = mysqli_connect("localhost", "root", "", "numbers") or die(mysqli_error($con));
if(isset($_POST['login']))
{
//get username and password entered by user
$myusername=mysqli_real_escape_string($con,$_POST['username']);
$mypassword=mysqli_real_escape_string($con,$_POST['password']);
$sql="SELECT username, password FROM admin WHERE username='".$myusername."' AND password='".$mypassword."'";
$check= mysqli_query($con,$sql);
$row = mysqli_fetch_row($check);
if($row[0]!="" && $row[1] !="") //compare username and password to ones found in database
{
## set logged_in to true
$_SESSION['logged_in']= true;
## set username session
$_SESSION['username'] = $row[0];
header('location: table.php');
exit();
}
else
{
$error="Your Login Name or Password is invalid";
//echo "$error";
//echo "<META http-equiv=' refresh' ;URL='index.php'>";
}
}
?>
<html>
<head>
<!-- Basics -->
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>Login</title>
<!-- CSS -->
<link rel="stylesheet" href="css/reset.css">
<link rel="stylesheet" href="css/animate.css">
<link rel="stylesheet" href="css/styles.css">
</head>
<body>
<!-- Main HTML -->
<!-- Begin Page Content -->
<div id="container">
<?php echo ($error ? $error : '' );?>
<form action="index.php" method="post">
<label for="name">Username:</label>
<input type="name" name="username" id="username">
<label for="username">Password:</label>
<input type="password" name="password" id="password">
<div id="lower">
<input type="submit" value="Login" name="login" id="login">
</div>
</form>
</div>
</body>
</html>
and this is the adduser.php i use to add new admins to the table. It adds the passwords with case sensitivity but its not being compared as such in the login script or at least i think so because im not entirely sure.
<?php
session_start();
if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] == false){
header('location: index.php');
exit();
}
include('header.php');
$con = mysqli_connect("localhost", "root", "", "numbers") or die(mysqli_error($con));
//submission code, inserting data into mysql database
$admin = mysqli_real_escape_string($con, "X");
$username = NULL;
$password = NULL;
$mySqlDate = date('Y-m-d');
$mySqlTime = date('g:i a');
echo"
<form method='get' action='adduser.php'>
<table width='400' border='0' cellspacing='1' cellpadding='2'>
<div style = 'margin-bottom: 100px' >
<tr width='200'>
<font size='6'>
Add a New User with Administrative Privileges
<br>
<br>
</tr>
</font>
</div>
<tr>
<td width='100'>Username:</td>
<td>
<input name='username' type='text' id='username'>
</td>
</tr>
<tr>
<td style='width:100%;' width='200'>Password:</td>
<td>
<input name='password' type='text' id='password'>
</td>
</tr>
<tr>
<td>
<div class = 'exportbtn'>
<input name='submit' class='btn btn-info' type='submit' id='adduser' value='Add User'>
</div>
</td>
</tr>
</table>
</form>
<form method='post' action='table.php' >
<div class = 'exportbtn'>
<input type='submit' class='btn btn-info' value='Return To Table' name='export'>
</div>
</form>
";
if(isset($_GET['submit']))
{
$username = $_GET['username'];
$password = $_GET['password'];
//filter out non numeric and special characters
$username = mysqli_real_escape_string($con, $_GET['username']);
$password = mysqli_real_escape_string($con, $_GET['password']);
$check = mysqli_query($con, "SELECT count(*) FROM admin WHERE username = '".$username."'") or die();
$row = mysqli_fetch_row($check);
if ($row[0] == 0)
{
$sql="INSERT INTO admin (username, password, date, time, admin) VALUES ('".$username."','".$password."','".$mySqlDate."','".$mySqlTime."','".$admin."')";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
//echo "false";
//$length = "Remember to use lower case letters and do not use spaces";
//echo "<font size='5' color='blue'>".$length."</font> ";
}
}
echo"
<form method='get' action='addlesseruser.php'>
<table width='400' border='0' cellspacing='1' cellpadding='2'>
<div style = 'margin-bottom: 100px' >
<tr width='200'>
<font size='6'>
Add New Report Management User
<br>
<br>
</tr>
</font>
</div>
<tr>
<td width='100'>Username:</td>
<td>
<input name='username' type='text' id='username'>
</td>
</tr>
<tr>
<td style='width:100%;' width='200'>Password:</td>
<td>
<input name='password' type='text' id='password'>
</td>
</tr>
<tr>
<td>
<div class = 'exportbtn'>
<input name='submit' class='btn btn-info' type='submit' id='adduser' value='Add New Report Management User'>
</div>
</td>
</tr>
</table>
</form>
<form method='post' action='table.php' >
<div class = 'exportbtn'>
<input type='submit' class='btn btn-info' value='Return To Table' name='export'>
</div>
</form>
";
?>
I just need the passwords to read as case senitive and that will be the last issue i face when getting the whole program up and running in house, thank you all for all of the generous help you have given me. I could not have don eit without u or this website!